In this scenario we have a user/group has below in sudoers
is there a way to restrict the user from just executing rm command
In a sudo context, usually you don't want these kind of "everything" entries. So the best solution is to just have rules for the things you do want the user to be able to do through sudo.
However, back to the general statement.... one way is to create a custom application firewall (e.g. apparmor) and set that new apparmored shell to be the user's shell.
You would need to not only restrict rm, but the ability to start up a different shell (gets very complex at this point since many utilities allow you to spawn a shell.
The better answer is to specific sudo rules for what you want to allow....
Hi all,
I am using Sun OS 5.10. I am new to Unix.
Is there some way to restrict a specific user to certain command say "/usr/bin/more" ??
for example: I want that user1 can execute more command & user2 can't.
Can we somehow edit .profile file in the home directory of user to achieve... (1 Reply)
Hi all,
I want to restrict the perticular command to user.
ex: CD, CP, mv etc .,
"A" user cannot user CD, CP, mv commands from his home directory.
so please let me know the procedure how to restrict the commands access to user "A".
I really thankfull to all.... (3 Replies)
Hello
I have a question in Aix 5.3 can I create a user, that only can see a specify path.
I mean the user log in the default path its /home/newuser he type cd the path that need to check /example/directory_check but if he wants to go to / or any other path. we can not do this.
I only... (1 Reply)
Hi everyone !
I got "viewer" and "root" user on a *nix computer. When i log in using "viewer" I only can use "df" command. When I try another command like "ls" it say :
-bash: ls: command not found
I checked permission of "/bin/ls" file, it has excute permission for everyone. Inside home... (4 Replies)
Hi
I have a Fedora10 server and i need a particular user to view files only in a particular folder.
All other files in other folders having "read" permission for all shouldn't be accessible to this user.
Please let me know if ther's a way.
Thanks,
HG (5 Replies)
Hi there
I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissions:ownerships:
# ls -ld /SAPO (9 Replies)
hi,
I want to restrict some user access to only 1 directory (including all sub-directories/files in it).
can you please explain me, how can we do this?
example;
Filesystem GB blocks Used Free %Used Mounted on
/dev/hd4 2.61 1.02 1.59 40% /
/dev/hd2 ... (7 Replies)
Hello,
Our applications are deployed in SunOS 5.10 servers. All the team members use a same username/pwd to login to the box. Very often we face issue were we could see that weblogic server instance are KILLED and we are not able to trace who executed kill command. All team members use PUTTY to... (2 Replies)
Dear Concern,
We want to restrict ssh for particular user "oracle". Our HP UX version is as below. Please advise.
# uname -a
HP-UX tabsdb02 B.11.31 U ia64 2963363594 unlimited-user license (2 Replies)